AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-20 04:57:52 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
eeb715c3e9
linux_dsm_epyc7002/arch
History
Nicholas Piggin eeb715c3e9 powerpc/64s/radix: Boot-time NULL pointer protection using a guard-PID 
This change restores and formalises the behaviour that access to NULL
or other user addresses by the kernel during boot should fault rather
than succeed and modify memory. This was inadvertently broken when
fixing another bug, because it was previously not well defined and
only worked by chance.

powerpc/64s/radix uses high address bits to select an address space
"quadrant", which determines which PID and LPID are used to translate
the rest of the address (effective PID, effective LPID). The kernel
mapping at 0xC... selects quadrant 3, which uses PID=0 and LPID=0. So
the kernel page tables are installed in the PID 0 process table entry.

An address at 0x0... selects quadrant 0, which uses PID=PIDR for
translating the rest of the address (that is, it uses the value of the
PIDR register as the effective PID). If PIDR=0, then the translation
is performed with the PID 0 process table entry page tables. This is
the kernel mapping, so we effectively get another copy of the kernel
address space at 0. A NULL pointer access will access physical memory
address 0.

To prevent duplicating the kernel address space in quadrant 0, this
patch allocates a guard PID containing no translations, and
initializes PIDR with this during boot, before the MMU is switched on.
Any kernel access to quadrant 0 will use this guard PID for
translation and find no valid mappings, and therefore fault.

After boot, this PID will be switchd away to user context PIDs, but
those contain user mappings (and usually NULL pointer protection)
rather than kernel mapping, which is much safer (and by design). It
may be in future this is tightened further, which the guard PID could
be used for.

Commit 371b8044 ("powerpc/64s: Initialize ISAv3 MMU registers before
setting partition table"), introduced this problem because it zeroes
PIDR at boot. However previously the value was inherited from firmware
or kexec, which is not robust and can be zero (e.g., mambo).

Fixes: 371b80447f ("powerpc/64s: Initialize ISAv3 MMU registers before setting partition table")
Cc: stable@vger.kernel.org # v4.15+
Reported-by: Florian Weimer <fweimer@redhat.com>
Tested-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2018-02-08 23:56:11 +11:00
..
alpha pci-v4.16-changes 2018-02-06 09:59:40 -08:00
arc The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
arm Merge branch 'akpm' (patches from Andrew) 2018-02-06 22:15:42 -08:00
arm64 Merge branch 'akpm' (patches from Andrew) 2018-02-06 22:15:42 -08:00
blackfin The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
c6x The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
cris The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
frv The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
h8300 The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
hexagon The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
ia64 Merge branch 'akpm' (patches from Andrew) 2018-02-06 22:15:42 -08:00
m32r The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
m68k lib: optimize cpumask_next_and() 2018-02-06 18:32:44 -08:00
metag The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
microblaze Microblaze patches for 4.16-rc1 2018-02-02 09:48:36 -08:00
mips MIPS fixes for 4.16-rc1 2018-02-07 11:31:05 -08:00
mn10300 The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
nios2 The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
openrisc The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
parisc The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
powerpc powerpc/64s/radix: Boot-time NULL pointer protection using a guard-PID 2018-02-08 23:56:11 +11:00
riscv RISC-V changes for 4.16 2018-02-07 11:33:08 -08:00
s390 libnvdimm for 4.16 2018-02-06 10:41:33 -08:00
score arch/score/kernel/setup.c: combine two seq_printf() calls into one call in show_cpuinfo() 2018-02-06 18:32:47 -08:00
sh libnvdimm for 4.16 2018-02-06 10:41:33 -08:00
sparc libnvdimm for 4.16 2018-02-06 10:41:33 -08:00
tile The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
um The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
unicore32 lib: optimize cpumask_next_and() 2018-02-06 18:32:44 -08:00
x86 Merge branch 'akpm' (patches from Andrew) 2018-02-06 22:15:42 -08:00
xtensa The core framework has a handful of patches this time around, mostly due 2018-02-01 16:56:07 -08:00
.gitignore
Kconfig Makefile: introduce CONFIG_CC_STACKPROTECTOR_AUTO 2018-02-06 18:32:44 -08:00